Many protocols contain common vulnerabilities that may be exploited, including Secure Sockets Layer (SSL) connections and Lightweight Directory Access Protocol (LDAP).

SSL/TLS

Transport Layer Security (TLS), including SSL-encapsulated data transfer, may be exploited in many ways. The encapsulated data stream could potentially be compromised through cryptographic identification of the key, although modern 128-bit keys are considered to be beyond the reasonable reach of such attacks. SSL connections are also particularly vulnerable during the handshake process, where the client and server exchange details of the shared encryption keys to be used. Malformed certificates may be used to exploit the parsing libraries used by SSL agents to compromise security details and possibly execute code on the compromised system. In addition, many forms of buffer overrun may also be used during the SSL handshake process to compromise the secured connection.

In the fall of 2002, the Linux Slapper worm infected about 7,000 servers. The worm exploited a flaw in SSL on Linux-based Web servers. To read more on this, go to www.cert.org/advisories/CA-2002-27.html or news.com.com/2100-1001-958758.html. The premise behind this vulnerability is that a client using a malformed key can cause a buffer overflow during the handshake process of an SSL server connection.

LDAP

Lightweight Directory Access Protocol (LDAP) provides access to directory services, including the one used by Microsoft's Active Directory. Exploits against variations of this protocol share many common vulnerabilities, including the following:
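Returning to the SSL handshake overflow described earlier: a handshake overflow of that kind arises when a parser copies a client-supplied key into a fixed-size buffer using the length the client declared. The C parser below is an added example, not code from the original text or from any SSL library; the message layout, the constants and the name `parse_client_key` are assumptions made for illustration, and the sample messages are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KEY_MAX 16          /* fixed session-key buffer: 128 bits */
#define MSG_CLIENT_KEY 0x02 /* constructed type code, not a real SSL value */

enum parse_result { PARSE_OK, PARSE_TRUNCATED, PARSE_BAD_TYPE,
                    PARSE_BAD_KEY_LEN, PARSE_LENGTH_MISMATCH };

struct session { uint8_t key[KEY_MAX]; size_t key_len; };

/* Constructed layout: [type:1][key_len:2, big-endian][key:key_len] */
enum parse_result parse_client_key(struct session *s,
                                   const uint8_t *msg, size_t msg_len)
{
    if (msg_len < 3)
        return PARSE_TRUNCATED;
    if (msg[0] != MSG_CLIENT_KEY)
        return PARSE_BAD_TYPE;
    /* Attacker-controlled: the peer chooses this value. */
    size_t declared = ((size_t)msg[1] << 8) | msg[2];
    /* Check 1: must fit the destination, or the memcpy below overflows it. */
    if (declared == 0 || declared > KEY_MAX)
        return PARSE_BAD_KEY_LEN;
    /* Check 2: must match the bytes received, or the copy over-reads msg. */
    if (declared != msg_len - 3)
        return PARSE_LENGTH_MISMATCH;
    memcpy(s->key, msg + 3, declared);
    s->key_len = declared;
    return PARSE_OK;
}

/* Constructed sample messages: valid, oversized length, length > payload. */
const uint8_t SAMPLE_GOOD[]  = {0x02, 0x00, 0x04, 0xde, 0xad, 0xbe, 0xef};
const uint8_t SAMPLE_LONG[]  = {0x02, 0x00, 0x40, 0x41, 0x41, 0x41, 0x41};
const uint8_t SAMPLE_LYING[] = {0x02, 0x00, 0x10, 0x41};

int main(void)
{
    struct session s = {{0}, 0};
    printf("%d %d %d\n", parse_client_key(&s, SAMPLE_GOOD, sizeof SAMPLE_GOOD),
           parse_client_key(&s, SAMPLE_LONG, sizeof SAMPLE_LONG),
           parse_client_key(&s, SAMPLE_LYING, sizeof SAMPLE_LYING));
    return 0;
}
```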